Page 999 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
repercussions.
Account Review
Accounts should be reviewed periodically to ensure that security
policies are being enforced. This includes ensuring that inactive
accounts are disabled and employees do not have excessive privileges.
Many administrators use scripts to check for inactive accounts
periodically. For example, a script can locate accounts that users have
not logged onto in the past 30 days, and automatically disable them.
Similarly, scripts can check group membership of privileged groups
(such as administrator groups) and remove unauthorized accounts.
Account review is often formalized in auditing procedures.
It’s important to guard against two problems related to access control:
excessive privilege and creeping privileges. Excessive privilege occurs
when users have more privileges than their assigned work tasks
dictate. If a user account is discovered to have excessive privileges, the
unnecessary privileges should be immediately revoked. Creeping
privileges (sometimes called privilege creep) involve a user account
accumulating privileges over time as job roles and assigned tasks
change. This can occur because new tasks are added to a user’s job and
additional privileges are added, but unneeded privileges are never
removed. Creeping privileges result in excessive privilege.
Both of these situations violate the basic security principle of least
privilege. The principle of least privilege ensures that subjects are
granted only the privileges they need to perform their work tasks and
job functions, but no more. Account reviews are effective at
discovering these problems.
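The account-review script the text describes, as an added example that is not from the study guide or from any real directory tooling. It implements the two checks named above (accounts with no logon in the past 30 days are disabled; members of privileged groups not on an approved list are flagged for removal) and goes one step further with a role baseline, so that groups beyond what a job role needs are reported as excessive or creeping privilege. The role baselines, privileged-group lists, and the sample accounts are all constructed for the example; a real run would query Active Directory or LDAP instead of the in-memory list.

```python
import copy
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class Account:
    name: str
    role: str
    enabled: bool
    last_logon: Optional[datetime]      # None means the account has never logged on
    groups: set = field(default_factory=set)


# Hypothetical role baselines: the groups each job function needs, and no more.
ROLE_BASELINE = {
    "admin": {"Domain Admins", "Helpdesk Operators"},
    "helpdesk": {"Helpdesk Operators", "Remote Desktop Users"},
    "developer": {"Developers", "Remote Desktop Users"},
    "dba": {"DBAs"},
}

# Hypothetical privileged groups with the accounts approved to be members.
PRIVILEGED_GROUPS = {
    "Domain Admins": {"alice.admin"},
    "DBAs": {"carol"},
}

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)   # fixed clock so the review is reproducible

# Constructed sample directory.
SAMPLE_ACCOUNTS = [
    Account("alice.admin", "admin", True, NOW - timedelta(days=2), {"Domain Admins", "Helpdesk Operators"}),
    Account("bob", "developer", True, NOW - timedelta(days=45), {"Developers", "Remote Desktop Users"}),
    Account("carol", "dba", True, NOW - timedelta(days=1), {"DBAs"}),
    # dave moved from development to the helpdesk but kept his old groups: creeping privilege
    Account("dave", "helpdesk", True, NOW - timedelta(days=10), {"Helpdesk Operators", "Developers", "Domain Admins"}),
    Account("erin", "developer", True, None, {"Developers"}),
    Account("frank", "developer", False, NOW - timedelta(days=400), {"Developers"}),
]


def find_inactive(accounts, now=NOW, max_idle_days=30):
    """Enabled accounts with no logon in max_idle_days; never-logged-on counts as inactive."""
    cutoff = now - timedelta(days=max_idle_days)
    return sorted(a.name for a in accounts
                  if a.enabled and (a.last_logon is None or a.last_logon < cutoff))


def find_unauthorized_privileged(accounts, privileged=PRIVILEGED_GROUPS):
    """(account, group) pairs where a privileged-group member is not on the approved list."""
    return sorted((a.name, g) for a in accounts
                  for g in a.groups & set(privileged) if a.name not in privileged[g])


def find_excessive(accounts, baseline=ROLE_BASELINE):
    """Groups beyond the role baseline. An unknown role has an empty baseline, so every group is flagged."""
    result = {}
    for a in accounts:
        extra = a.groups - baseline.get(a.role, set())
        if extra:
            result[a.name] = sorted(extra)
    return result


def run_review(accounts):
    return {
        "inactive": find_inactive(accounts),
        "unauthorized_privileged": find_unauthorized_privileged(accounts),
        "excessive": find_excessive(accounts),
    }


def apply_review(accounts, report):
    """Disable inactive accounts and strip flagged groups, in place. Returns the actions taken."""
    by_name = {a.name: a for a in accounts}
    actions = []
    for name in report["inactive"]:
        by_name[name].enabled = False
        actions.append(f"disable {name}")
    removals = set(report["unauthorized_privileged"])
    removals |= {(name, g) for name, groups in report["excessive"].items() for g in groups}
    for name, g in sorted(removals):
        by_name[name].groups.discard(g)
        actions.append(f"remove {name} from {g}")
    return sorted(actions)


def review_and_apply(accounts):
    """Review a copy, apply the findings, then re-review to confirm nothing remains flagged."""
    working = copy.deepcopy(accounts)
    actions = apply_review(working, run_review(working))
    return actions, run_review(working)


if __name__ == "__main__":
    for check, findings in run_review(SAMPLE_ACCOUNTS).items():
        print(check, findings)
    print(review_and_apply(SAMPLE_ACCOUNTS)[0])
```

The second review after `apply_review` is the point of `review_and_apply`: the findings should be empty, which is the evidence an auditing procedure wants that the review actually converged. Note that `frank` is already disabled and is therefore not reported again, while `erin`, who has never logged on, is treated as inactive rather than ignored.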
Dangers of Failing to Review Accounts
Lucchese Bootmaker, a boot-making company headquartered in
Texas, learned firsthand of the dangers of not performing audit
reviews. Joe Vito Venzor, a sys admin at the company, was notified